♻️ refactor how hosts are defined
This commit is contained in:
parent
1dd45be13c
commit
409e17b72f
29
host_vars/jake.box.nilsnh.no.yml
Normal file
29
host_vars/jake.box.nilsnh.no.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
restic_repo_pw: "{{ vault_restic_pw_jake }}"
|
||||||
|
restic_repo_url: "{{ vault_restic_url_jake }}"
|
||||||
|
restic_backup_pre_cmd:
|
||||||
|
- (cd "/tmp" && forgejo.sh dump --file="forgejo.zip")
|
||||||
|
restic_backup_targets:
|
||||||
|
- /tmp/forgejo.zip
|
||||||
|
restic_backup_frequency: daily
|
||||||
|
sendmail_mta_user: "{{ vault_mta_user }}"
|
||||||
|
sendmail_mta_user_pw: "{{ vault_mta_user_pw }}"
|
||||||
|
sendmail_mailhub: "box.nilsnh.no:465"
|
||||||
|
sendmail_hostname: jake.box.nilsnh.no
|
||||||
|
sendmail_rewrite_domain: "nilsnh.no"
|
||||||
|
sendmail_revaliases:
|
||||||
|
root: "{{ machine_from_email }}"
|
||||||
|
jake: "{{ machine_from_email }}"
|
||||||
|
git: "{{ machine_from_email }}"
|
||||||
|
machine_from_email: "noreply+jake@nilsnh.no"
|
||||||
|
machine_notifications_receiver: "mail@nilsnh.no"
|
||||||
|
forgejo_domain: "code.on.nilsnh.no"
|
||||||
|
forgejo_from: "\"Forgejo at nilsnh.no\" <{{ machine_from_email }}>"
|
||||||
|
firewall_allowed_ports:
|
||||||
|
- { port: 80, proto: "tcp" }
|
||||||
|
- { port: 443, proto: "tcp" }
|
||||||
|
- { port: 51820, proto: "udp" } # Wireguard
|
||||||
|
wireguard_private_key: "{{ vault_wireguard_private_key }}"
|
||||||
|
wireguard_address: 10.0.24.1/24
|
||||||
|
wireguard_peers:
|
||||||
|
- { AllowedIPs: 10.0.24.2/32, Endpoint: finn.lan:51820, PublicKey: "ZXbZPQY9aycB9t+lqLsiteleeWqxNi+Q37yYZcPIlSA=" }
|
|
@ -1,5 +1,5 @@
|
||||||
[jake]
|
[servers]
|
||||||
jake.box.nilsnh.no ansible_user=jake
|
jake.box.nilsnh.no ansible_user=jake
|
||||||
|
|
||||||
[this_machine]
|
[this-machine]
|
||||||
localhost ansible_connection=local
|
localhost ansible_connection=local
|
||||||
|
|
42
playbook.yml
42
playbook.yml
|
@ -1,41 +1,11 @@
|
||||||
---
|
---
|
||||||
- hosts: jake
|
- hosts: jake.box.nilsnh.no
|
||||||
handlers:
|
|
||||||
vars:
|
|
||||||
restic_repo_pw: "{{ vault_restic_pw_jake }}"
|
|
||||||
restic_repo_url: "{{ vault_restic_url_jake }}"
|
|
||||||
restic_backup_pre_cmd:
|
|
||||||
- (cd "/tmp" && forgejo.sh dump --file="forgejo.zip")
|
|
||||||
restic_backup_targets:
|
|
||||||
- /tmp/forgejo.zip
|
|
||||||
restic_backup_frequency: daily
|
|
||||||
sendmail_mta_user: "{{ vault_mta_user }}"
|
|
||||||
sendmail_mta_user_pw: "{{ vault_mta_user_pw }}"
|
|
||||||
sendmail_mailhub: "box.nilsnh.no:465"
|
|
||||||
sendmail_hostname: jake.box.nilsnh.no
|
|
||||||
sendmail_rewrite_domain: "nilsnh.no"
|
|
||||||
sendmail_revaliases:
|
|
||||||
root: "{{ machine_from_email }}"
|
|
||||||
jake: "{{ machine_from_email }}"
|
|
||||||
git: "{{ machine_from_email }}"
|
|
||||||
machine_from_email: "noreply+jake@nilsnh.no"
|
|
||||||
machine_notifications_receiver: "mail@nilsnh.no"
|
|
||||||
forgejo_domain: "code.on.nilsnh.no"
|
|
||||||
forgejo_from: "\"Forgejo at nilsnh.no\" <{{ machine_from_email }}>"
|
|
||||||
firewall_allowed_ports:
|
|
||||||
- { port: 80, proto: "tcp" }
|
|
||||||
- { port: 443, proto: "tcp" }
|
|
||||||
- { port: 51820, proto: "udp" } # Wireguard
|
|
||||||
wireguard_private_key: "{{ vault_wireguard_private_key }}"
|
|
||||||
wireguard_address: 10.0.24.1/24
|
|
||||||
wireguard_peers:
|
|
||||||
- { AllowedIPs: 10.0.24.2/32, Endpoint: finn.lan:51820, PublicKey: "ZXbZPQY9aycB9t+lqLsiteleeWqxNi+Q37yYZcPIlSA=" }
|
|
||||||
roles:
|
roles:
|
||||||
- wireguard
|
- wireguard
|
||||||
# - backup
|
- backup
|
||||||
# - sendmail
|
- sendmail
|
||||||
# - nodejs
|
- nodejs
|
||||||
- firewall
|
- firewall
|
||||||
# - forgejo
|
- forgejo
|
||||||
# - caddy
|
- caddy
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue